Back to skill
Skillv1.0.0
VirusTotal security
Polygon PoS Development · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:24 AM
- Hash
- 2b99297ae6d9952fc7f729d4bb227e45b6b8ce2a4e551bcd5915625ac0c70454
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill bundle is classified as suspicious primarily due to the use of `curl -L https://foundry.paradigm.xyz | bash` for installing Foundry, as seen in `SKILL.md`, `references/foundry-deployment.md`, and `references/testing-strategies.md`. While this is a common installation method for Foundry from its official source, the `curl | bash` pattern is an inherently high-risk execution method that downloads and executes a remote script, which could be exploited if the source were compromised. Additionally, the skill instructs the agent/user to handle sensitive information like private keys and API keys, although it does provide explicit advice to store them in `.env` files and add them to `.gitignore`.
- External report
- View on VirusTotal